C003021 Firewall Engineer (NS) - WED 16 Aug

Total Scope of the request (hours): 418

Required Start Date: 2 October 2023

End Contract Date: 31 December 2023

Required Security Clearance: NATO SECRET

Duties and Role:

Under the direction of Section Head, Gateway Security Services, the Level 3 Firewall Engineer will perform duties such as, but not limited to, the following:

Support the Centralised SLA activities (CP120 WP3) in all areas of network and security devices, such as

• Central administration of Boundary Protection and Gateway services
• System staging and configuration
• Firewall policy development

Management, maintenance and configuration of appliances and software applications for Gateway Security systems, including network security devices such as firewalls and data diodes to ensure continuing functionality and availability.

Provide technical support in troubleshooting infrastructure and operational issues and collaborating with other teams for a successful resolution;

Perform the analysis, design, implementation and maintenance of authorised changes, related to Gateway Security Systems and the integration/tailoring of vendor supplied components, following established procedures for quality, configuration control, testing, documentation and security;

Collaborate with the Infrastructure Management and other Cyber Security teams

Provide assistance to Incident Handlers to identify and remediate security incidents

Review security documentation and provide technical advice, when requested

Performs other duties as may be required.

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO SECRET security clearance
• Essential to have a Bachelor's Degree in Computer Science or similar related discipline combined with a minimum of 5 years' experience as Security Analyst or Engineer or similar position involving Technical ICT Engineering knowledge, or a Secondary education and completed advanced vocational education (loading to a professional qualification or professional accreditation) with 7 years post related experience.

Mandatory

• Very good experience with Palo Alto Networks Firewalls and enterprise-scale management (Panorama)
• Very good experience with Check Point Firewalls and Security Management
• Very Good experience and knowledge of Computer and Networks Security principles and procedures and technologies.
• Very Good experience of UNIX and Microsoft Operating system Troubleshooting of Linux and/or Windows infrastructures OS
• Strong knowledge and experience of Boundaries Boundary Protections Devices
• Strong experience and technical knowledge on wide and local area networks and components (switches, routers)
• Comprehensive knowledge of the principles of computer and communication security, LAN/WAN networking including protocol network architecture, and the vulnerabilities of modern operating systems and applications
• Good experience in troubleshooting TCP/IP networks to identify problems.
• Working knowledge of TCP/IP protocols and services.
• Practical experience in analysing packet captures
• Good knowledge of wireshark and other tools to capture and analyse network traffic
• Excellent communication abilities, both written and verbal, with the ability to clearly and successfully articulate complex issues to a variety of audiences and teams

Desirable

• Experience and knowledge of deploying Palo Alto Network Threat Prevention on Enterprise level.
• Experience with Check Point Firewalls and Security Management.
• Knowledge of DNS, mail, web servers/proxies, mail guards Software engineering including programming and/or scripting knowledge (python, shell scripting, PowerShell).
• Industry leading certification in the area of Cybersecurity such as CISSP, CISM, MCSE/S, CISA, GSNA, SANS GIAC.
• A solid understanding of Information Security Practices; relating to the Confidentiality, Integrity and Availability of information (CIA triad.)
• Prior experience of working in an international environment comprising both military and civilian elements.